Risk Manager

https://www.bayt.com/en/qatar/jobs/risk-manager-5353109/&utm_source=copyLinkByEmployer

Lead the development and continuous enhancement of a robust Enterprise Risk Management (ERM) framework across United Developers and its portfolio—Place Vendôme Mall, Trocadero Theme Park, Tarfat Public Infrastructure, and Le Royal Meridien Hotel and Residences. Ensure operational continuity, asset protection, and stakeholder confidence through strategic oversight of financial, operational, compliance, and reputational risks, in coordination with internal audit, the Audit Committee, and other stakeholders. 

1.Risk Management Framework Implementation: 

• Develop and implement an integrated Enterprise Risk Management (ERM) framework aligned with ISO 31000 and COSO principles. 

• Define risk taxonomy, appetite thresholds, scoring methodologies, and mitigation protocols tailored to United Developers’ operations. 

• Establish structured processes for risk identification, analysis, evaluation, treatment, monitoring, and reporting across all assets. 

• Ensure policies remain current with changes in regulatory landscapes and organizational needs. 

2.Policy and Procedure Development: 

• Draft, implement, and regularly update a comprehensive suite of risk-related governance documents, including 

• 
  
  
  
  • Enterprise Risk Management (ERM) policies and manuals 
  
  
  
  

• 
  
  
  
  • Risk identification and reporting protocols 
  
  
  
  

• 
  
  
  
  • Business continuity plans (BCP) 
  
  
  
  

• 
  
  
  
  • Crisis response frameworks 
  
  
  
  

• 
  
  
  
  • Incident escalation procedures 
  
  
  
  

• 
  
  
  
  • Compliance assurance guidelines 
  
  
  
  

• 
  
  
  
  • Develop standard operating procedures (SOPs) and control measures to address key risk areas across all SOPs, Policies and business units. 
  
  
  
  

• Ensure complete alignment of all policies with local regulations (e.g., Qatari law, municipal requirements, QCDD), international best practices (e.g., ISO 31000, COSO ERM), and organizational objectives. 

• Establish a uniform policy structure and documentation format to promote consistency, clarity, and ease of implementation across departments. 

• Collaborate closely with Legal, External Audit, Internal Audit, Quality Control, and relevant stakeholder teams to integrate risk considerations into operational and regulatory compliance frameworks.  

• Create a centralized repository of all approved policies, with version control and periodic review cycles. 

• Ensure that each policy has clearly defined ownership, implementation responsibilities, and review timelines.  

• Drive the organization's objective of having comprehensive, auditable, and actionable policies and processes in place for all material business risks. 

3.Risk Oversight Across Business Units: 

• Place Vendôme Mall

• 
  
  
  
  • Leasing and revenue performance 
  
  
  
  

• 
  
  
  
  • Tenant compliance and legal exposures 
  
  
  
  

• 
  
  
  
  • Facilities Management 
  
  
  
  

• 
  
  
  
  • Mall Management 
  
  
  
  

• 
  
  
  
  • Specialty Leasing 
  
  
  
  

• 
  
  
  
  • Procurement 
  
  
  
  

• 
  
  
  
  • Outsourced services and contractor performance 
  
  
  
  

• 
  
  
  
  • Security, health, and safety standards 
  
  
  
  

• 
  
  
  
  • IT infrastructure, data privacy, and cyber risks 
  
  
  
  

• 
  
  
  
  • Customer experience and brand perception 
  
  
  
  

• Trocadero Theme Park

• 
  
  
  
  • Guest and ride safety, liability, and incident response 
  
  
  
  

• 
  
  
  
  • Regulatory compliance (municipal and national) 
  
  
  
  

• 
  
  
  
  • Vendor management and equipment maintenance 
  
  
  
  

• 
  
  
  
  • Financial sustainability and revenue variability 
  
  
  
  

• 
  
  
  
  • Cybersecurity, ticketing systems, and customer data protection 
  
  
  
  

• 
  
  
  
  • Reputational risks from service disruption or negative publicity 
  
  
  
  

• United Hotel Management (Le Royal Meridien & Residences) 
  


• Tarfat Public Infrastructure
  

4.Risk Monitoring & Reporting: 

• Maintain a centralized and regularly updated Risk Register with clearly defined risk owners and mitigation timelines. 

• Develop risk dashboards and present risks, trends, and corrective action updates to senior leadership and the Board (or Risk Committee). 

• Track Key Risk Indicators (KRIs) and ensure timely resolution of flagged items. 

• Ensure the Risk Register is auditable and supports root cause analysis and continuous improvement. 

5.Internal Audit and External Stakeholder Coordination: 

• Act as the primary risk counterpart for Internal Auditors and other third-party consultants. 

• Coordinate audit fieldwork and follow-up on audit recommendations to ensure implementation. 

• Prepare and facilitate periodic reviews with auditors, regulatory bodies, and Board Committees, ensuring transparent and professional communication. 

• Support the preparation of risk disclosures for annual reports or regulatory filings, as applicable. 

6.Financial Risk Management: 

• Work with the Finance team to assess and mitigate financial risks such as credit risk, liquidity risk, investment risk, budget variance, and financial reporting inaccuracies. 

• Evaluate vendor solvency and financial exposures related to outsourced contracts and capital projects. 

• Contribute to insurance planning, cost-benefit analysis, and risk transfer strategies (e.g., coverage limits, deductibles, business interruption). 

7.Business Continuity and Crisis Management: 

• Lead the development, testing, and periodic update of Business Continuity Plans (BCP) and Crisis Management Protocols across all business units. 

• Conduct tabletop simulations and emergency drills in coordination with Operations and HSE teams. 

8.Training and Risk Culture: 

• Drive risk awareness programs and workshops across departments. 

• Stay updated on the industry trends, regulatory changes, risk modeling techniques 

• Train managers and supervisors in risk identification and escalation procedures. 

• Embed a proactive and accountable risk culture throughout the organization.